Annotatie bij Hof van Justitie 22 januari 2015 (Allposters / Pictoright)

Annotatie bij Hof van Justitie 22 januari 2015 (Allposters / Pictoright) external link

AMI, num: 6, pp: 169-173., 2016

Abstract

Overbrenging van de afbeelding van een beschermd werk van een papieren poster op canvas valt onder het distributierecht van art. 4 Auteursrechtrichtlijn 2001/29/EG. Poortvliet-doctrine. Geen sprake van uitputting als drager is vervangen. Beloning voor distributie moet in een redelijke verhouding staan tot de economische waarde van de exploitatie van het beschermde voorwerp. Auteursrechtrichtlijn harmoniseert niet het recht van bewerking.

Links

http://www.ivir.nl/publicaties/download/1735.pdf

frontpage, Grondrechten, Privacy

RIS

Save .RIS

Bibtex

Save .bib

A special regard: The Court of Justice and the fundamental rights to privacy and data protection external link

Irion, K.

Nomos, 0225

Abstract

The frequency with which the Court of Justice of the European Union (CJEU) rules on the interpretations of the rights to privacy and data protection in European Union (EU) law is constantly accelerating. The increasing case-load can certainly be attributed to the contemporary relevance of these issues in a data-driven society which leads to more cases being referred to the CJEU. However, contrary to earlier case-law, which had a rather limited effect, the recent CJEU decisions have gained prominence for their principle contribution to EU law. In 2014, the Court issued a landmark ruling in the case Digital Rights Ireland and Seitlinger v Minister for Communications, Marine and Natural Resources which catapulted EU citizens’ privacy and data protection rights from the margins of EU law to the center stage. Already in 2015, in the case Maximillian Schrems v Data Protection Commissioner, the Court has had another occasion to review EU legislation for its compliance with the rights to privacy and data protection under the EU Charter. The invalidation of the EU-U.S. Safe Harbour agreement by the Court has been stirring a global resonance in addition to receiving ample and arguably controversial coverage in international news. This contribution looks at how the fundamental rights to privacy and data protection are protected in the EU legal order. It primarily assesses the CJEU’s case-law’s trajectory in this field as well as the impact of its decision practice in EU law. Hereby I discuss whether the CJEU holds a particular regard for the rights to privacy and data protection since the Charter of Fundamental Rights of the EU (CFR) was accorded binding legal value in 2009.5 Particular focus is given to the discussion of the two judgments in 2014 and 2015 cited above with which the Court underscored its determination to effectively protect these fundamental rights in the scope of EU law.

Links

http://www.ivir.nl/irion_a-special-regard_chapterfinal/

frontpage, Grondrechten, Privacy

RIS

TY - CHAP
AU - Irion, K.
PY - 0225
DA - 2016-02-25
T1 - A special regard: The Court of Justice and the fundamental rights to privacy and data protection
UR - http://www.ivir.nl/irion_a-special-regard_chapterfinal/
AB - The frequency with which the Court of Justice of the European Union (CJEU) rules on the interpretations of the rights to privacy and data protection in European Union (EU) law is constantly accelerating. The increasing case-load can certainly be attributed to the contemporary relevance of these issues in a data-driven society which leads to more cases being referred to the CJEU. However, contrary to earlier case-law, which had a rather limited effect, the recent CJEU decisions have gained prominence for their principle contribution to EU law. In 2014, the Court issued a landmark ruling in the case Digital Rights Ireland and Seitlinger v Minister for Communications, Marine and Natural Resources which catapulted EU citizens’ privacy and data protection rights from the margins of EU law to the center stage. Already in 2015, in the case Maximillian Schrems v Data Protection Commissioner, the Court has had another occasion to review EU legislation for its compliance with the rights to privacy and data protection under the EU Charter. The invalidation of the EU-U.S. Safe Harbour agreement by the Court has been stirring a global resonance in addition to receiving ample and arguably controversial coverage in international news.
This contribution looks at how the fundamental rights to privacy and data protection are protected in the EU legal order. It primarily assesses the CJEU’s case-law’s trajectory in this field as well as the impact of its decision practice in EU law. Hereby I discuss whether the CJEU holds a particular regard for the rights to privacy and data protection since the Charter of Fundamental Rights of the EU (CFR) was accorded binding legal value in 2009.5 Particular focus is given to the discussion of the two judgments in 2014 and 2015 cited above with which the Court underscored its determination to effectively protect these fundamental rights in the scope of EU law.
K1 - frontpage
K1 - Grondrechten
K1 - Privacy
ER -

Save .RIS

Bibtex

Chapter{nokey,
	title = {A special regard: The Court of Justice and the fundamental rights to privacy and data protection},
	author = {Irion, K.},
	year = {0225},
	date = {2016-02-25},
	abstract = {The frequency with which the Court of Justice of the European Union (CJEU) rules on the interpretations of the rights to privacy and data protection in European Union (EU) law is constantly accelerating. The increasing case-load can certainly be attributed to the contemporary relevance of these issues in a data-driven society which leads to more cases being referred to the CJEU. However, contrary to earlier case-law, which had a rather limited effect, the recent CJEU decisions have gained prominence for their principle contribution to EU law. In 2014, the Court issued a landmark ruling in the case Digital Rights Ireland and Seitlinger v Minister for Communications, Marine and Natural Resources which catapulted EU citizens’ privacy and data protection rights from the margins of EU law to the center stage. Already in 2015, in the case Maximillian Schrems v Data Protection Commissioner, the Court has had another occasion to review EU legislation for its compliance with the rights to privacy and data protection under the EU Charter. The invalidation of the EU-U.S. Safe Harbour agreement by the Court has been stirring a global resonance in addition to receiving ample and arguably controversial coverage in international news.
This contribution looks at how the fundamental rights to privacy and data protection are protected in the EU legal order. It primarily assesses the CJEU’s case-law’s trajectory in this field as well as the impact of its decision practice in EU law. Hereby I discuss whether the CJEU holds a particular regard for the rights to privacy and data protection since the Charter of Fundamental Rights of the EU (CFR) was accorded binding legal value in 2009.5 Particular focus is given to the discussion of the two judgments in 2014 and 2015 cited above with which the Court underscored its determination to effectively protect these fundamental rights in the scope of EU law.},
	keywords = {frontpage, Grondrechten, Privacy},
}

Save .bib

EHRM geeft voorrang aan bescherming van persoonsgegevens external link

Hins, A.

Mediaforum, num: 1, pp: 19-21., 2016

Links

http://www.ivir.nl/publicaties/download/1731.pdf

Grondrechten, Privacy

RIS

Save .RIS

Bibtex

Save .bib

Singling out people without knowing their names – Behavioural targeting, pseudonymous data, and the new data protection regulation external link

Zuiderveen Borgesius, F.

Computer Law & Security Review, num: 2, pp: 256-271., 2016

Abstract

Information about millions of people is collected for behavioural targeting, a type of marketing that involves tracking people’s online behaviour for targeted advertising. It is hotly debated whether data protection law applies to behavioural targeting. Many behavioural targeting companies say that, as long as they do not tie names to data they hold about individuals, they do not process any personal data, and that, therefore, data protection law does not apply to them. European Data Protection Authorities, however, take the view that a company processes personal data if it uses data to single out a person, even if it cannot tie a name to these data. This paper argues that data protection law should indeed apply to behavioural targeting. Companies can often tie a name to nameless data about individuals. Furthermore, behavioural targeting relies on collecting information about individuals, singling out individuals, and targeting ads to individuals. Many privacy risks remain, regardless of whether companies tie a name to the information they hold about a person. A name is merely one of the identifiers that can be tied to data about a person, and it is not even the most practical identifier for behavioural targeting. Seeing data used to single out a person as personal data fits the rationale for data protection law: protecting fairness and privacy.

Links

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2733115

behavioural targeting, cookies, Data protection law, IP addresses, online behavioural advertising, Personal data, Privacy, profiling, pseudonymous data, tracking

RIS

TY  - JOUR
AU  - Zuiderveen Borgesius, F.
PY  - 0223
DA  - 2016-02-23
T1  - Singling out people without knowing their names – Behavioural targeting, pseudonymous data, and the new data protection regulation
JO  - Computer Law &amp; Security Review
NV  - 2
SP  - 256-271.
UR  - http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2733115
AB  - Information about millions of people is collected for behavioural targeting, a type of marketing that involves tracking people’s online behaviour for targeted advertising. It is hotly debated whether data protection law applies to behavioural targeting. Many behavioural targeting companies say that, as long as they do not tie names to data they hold about individuals, they do not process any personal data, and that, therefore, data protection law does not apply to them. European Data Protection Authorities, however, take the view that a company processes personal data if it uses data to single out a person, even if it cannot tie a name to these data. This paper argues that data protection law should indeed apply to behavioural targeting. Companies can often tie a name to nameless data about individuals. Furthermore, behavioural targeting relies on collecting information about individuals, singling out individuals, and targeting ads to individuals. Many privacy risks remain, regardless of whether companies tie a name to the information they hold about a person. A name is merely one of the identifiers that can be tied to data about a person, and it is not even the most practical identifier for behavioural targeting. Seeing data used to single out a person as personal data fits the rationale for data protection law: protecting fairness and privacy.
K1  - behavioural targeting
K1  - cookies
K1  - Data protection law
K1  - IP addresses
K1  - online behavioural advertising
K1  - Personal data
K1  - Privacy
K1  - profiling
K1  - pseudonymous data
K1  - tracking
ER  -

Save .RIS

Bibtex

Article{nokey,
	title = {Singling out people without knowing their names – Behavioural targeting, pseudonymous data, and the new data protection regulation},
	author = {Zuiderveen Borgesius, F.},
	year = {0223},
	date = {2016-02-23},
	journal = {Computer Law &amp; Security Review},
	number = {2},
	pages = {256-271.},
	abstract = {Information about millions of people is collected for behavioural targeting, a type of marketing that involves tracking people’s online behaviour for targeted advertising. It is hotly debated whether data protection law applies to behavioural targeting. Many behavioural targeting companies say that, as long as they do not tie names to data they hold about individuals, they do not process any personal data, and that, therefore, data protection law does not apply to them. European Data Protection Authorities, however, take the view that a company processes personal data if it uses data to single out a person, even if it cannot tie a name to these data. This paper argues that data protection law should indeed apply to behavioural targeting. Companies can often tie a name to nameless data about individuals. Furthermore, behavioural targeting relies on collecting information about individuals, singling out individuals, and targeting ads to individuals. Many privacy risks remain, regardless of whether companies tie a name to the information they hold about a person. A name is merely one of the identifiers that can be tied to data about a person, and it is not even the most practical identifier for behavioural targeting. Seeing data used to single out a person as personal data fits the rationale for data protection law: protecting fairness and privacy.},
	keywords = {behavioural targeting, cookies, Data protection law, IP addresses, online behavioural advertising, Personal data, Privacy, profiling, pseudonymous data, tracking},
}

Save .bib

IE vincit omnia? Opsporing in de particuliere sector. external link

Kabel, J.

AMI, num: 6, pp: 176-180., 2016

Abstract

Bevel aan Google tot afgifte ex. art. 28 lid 9 Aw van persoons- en adresgegevens van de houder van een Google Play account vanwege onrechtmatige verkoop van e-books. Voorwaarde dat de houder op grond van art. 40 Wbp verzet kan aantekenen tegen die afgifte bij de verantwoordelijke (Google). Grondrechtenconflict bescherming van eigendom, vrijheid van meningsuiting en privacy.

Links

http://www.ivir.nl/publicaties/download/1724.pdf

Grondrechten, Privacy

RIS

Save .RIS

Bibtex

Save .bib

Scoping Electronic Communication Privacy Rules: Data, Services and Values external link

van Hoboken, J. & Zuiderveen Borgesius, F.

JIPITEC, num: 3, pp: 198-210., 2016

Abstract

We use electronic communication networks for more than simply traditional telecommunications: we access the news, buy goods online, file our taxes, contribute to public debate, and more. As a result, a wider array of privacy interests is implicated for users of electronic communications networks and services. . This development calls into question the scope of electronic communications privacy rules. This paper analyses the scope of these rules, taking into account the rationale and the historic background of the European electronic communications privacy framework. We develop a framework for analysing the scope of electronic communications privacy rules using three approaches: (i) a service-centric approach, (ii) a data-centric approach, and (iii) a value-centric approach. We discuss the strengths and weaknesses of each approach. The current e-Privacy Directive contains a complex blend of the three approaches, which does not seem to be based on a thorough analysis of their strengths and weaknesses. The upcoming review of the directive announced by the European Commission provides an opportunity to improve the scoping of the rules.

Links

http://www.ivir.nl/publicaties/download/1721.pdf

data, e-Privacy Directive, electronic communication, Privacy, services, values

RIS

TY  - JOUR
AU  - van Hoboken, J.
AU  - Zuiderveen Borgesius, F.
PY  - 0119
DA  - 2016-01-19
T1  - Scoping Electronic Communication Privacy Rules: Data, Services and Values
JO  - JIPITEC
NV  - 3
SP  - 198-210.
UR  - http://www.ivir.nl/publicaties/download/1721.pdf
AB  - We use electronic communication networks for more than simply traditional telecommunications: we access the news, buy goods online, file our taxes, contribute to public debate, and more. As a result, a wider array of privacy interests is implicated for users of electronic communications networks and services. . This development calls into question the scope of electronic communications privacy rules. This paper analyses the scope of these rules, taking into account the rationale and the historic background of the European electronic communications privacy framework. We develop a framework for analysing the scope of electronic communications privacy rules using three approaches: (i) a service-centric approach, (ii) a data-centric approach, and (iii) a value-centric approach. We discuss the strengths and weaknesses of each approach. The current e-Privacy Directive contains a complex blend of the three approaches, which does not seem to be based on a thorough analysis of their strengths and weaknesses. The upcoming review of the directive announced by the European Commission provides an opportunity to improve the scoping of the rules.
K1  - data
K1  - e-Privacy Directive
K1  - electronic communication
K1  - Privacy
K1  - services
K1  - values
ER  -

Save .RIS

Bibtex

Article{nokey,
	title = {Scoping Electronic Communication Privacy Rules: Data, Services and Values},
	author = {van Hoboken, J. and Zuiderveen Borgesius, F.},
	year = {0119},
	date = {2016-01-19},
	journal = {JIPITEC},
	number = {3},
	pages = {198-210.},
	abstract = {We use electronic communication networks for more than simply traditional telecommunications: we access the news, buy goods online, file our taxes, contribute to public debate, and more. As a result, a wider array of privacy interests is implicated for users of electronic communications networks and services. . This development calls into question the scope of electronic communications privacy rules. This paper analyses the scope of these rules, taking into account the rationale and the historic background of the European electronic communications privacy framework. We develop a framework for analysing the scope of electronic communications privacy rules using three approaches: (i) a service-centric approach, (ii) a data-centric approach, and (iii) a value-centric approach. We discuss the strengths and weaknesses of each approach. The current e-Privacy Directive contains a complex blend of the three approaches, which does not seem to be based on a thorough analysis of their strengths and weaknesses. The upcoming review of the directive announced by the European Commission provides an opportunity to improve the scoping of the rules.},
	keywords = {data, e-Privacy Directive, electronic communication, Privacy, services, values},
}

Save .bib

Welcome to the Jungle: the Liability of Internet Intermediaries for Privacy Violations in Europe external link

van der Sloot, B.

JIPITEC, num: 3, pp: 211-228., 2016

Abstract

In Europe, roughly three regimes apply to the liability of Internet intermediaries for privacy violations conducted by users through their network. These are: the e-Commerce Directive, which, under certain conditions, excludes them from liability; the Data Protection Directive, which imposes a number of duties and responsibilities on providers processing personal data; and the freedom of expression, contained inter alia in the ECHR, which, under certain conditions, grants Internet providers several privileges and freedoms. Each doctrine has its own field of application, but they also have partial overlap. In practice, this creates legal inequality and uncertainty, especially with regard to providers that host online platforms and process User Generated Content.

Links

http://www.ivir.nl/publicaties/download/1720.pdf

Data protection, ECHR, Freedom of expression, Grondrechten, intermediaries, liability, Privacy

RIS

TY  - JOUR
AU  - van der Sloot, B.
PY  - 0119
DA  - 2016-01-19
T1  - Welcome to the Jungle: the Liability of Internet Intermediaries for Privacy Violations in Europe
JO  - JIPITEC
NV  - 3
SP  - 211-228.
UR  - http://www.ivir.nl/publicaties/download/1720.pdf
AB  - In Europe, roughly three regimes apply to the liability of Internet intermediaries for privacy violations conducted by users through their network. These are: the e-Commerce Directive, which, under certain conditions, excludes them from liability; the Data Protection Directive, which imposes a number of duties and responsibilities on providers processing personal data; and the freedom of expression, contained inter alia in the ECHR, which, under certain conditions, grants Internet providers several privileges and freedoms. Each doctrine has its own field of application, but they also have partial overlap. In practice, this creates legal inequality and uncertainty, especially with regard to providers that host online platforms and process User Generated Content.
K1  - Data protection
K1  - ECHR
K1  - Freedom of expression
K1  - Grondrechten
K1  - intermediaries
K1  - liability
K1  - Privacy
ER  -

Save .RIS

Bibtex

Article{nokey,
	title = {Welcome to the Jungle: the Liability of Internet Intermediaries for Privacy Violations in Europe},
	author = {van der Sloot, B.},
	year = {0119},
	date = {2016-01-19},
	journal = {JIPITEC},
	number = {3},
	pages = {211-228.},
	abstract = {In Europe, roughly three regimes apply to the liability of Internet intermediaries for privacy violations conducted by users through their network. These are: the e-Commerce Directive, which, under certain conditions, excludes them from liability; the Data Protection Directive, which imposes a number of duties and responsibilities on providers processing personal data; and the freedom of expression, contained inter alia in the ECHR, which, under certain conditions, grants Internet providers several privileges and freedoms. Each doctrine has its own field of application, but they also have partial overlap. In practice, this creates legal inequality and uncertainty, especially with regard to providers that host online platforms and process User Generated Content.},
	keywords = {Data protection, ECHR, Freedom of expression, Grondrechten, intermediaries, liability, Privacy},
}

Save .bib